Slashdot videos: Now with more Slashdot!

View

Discuss

Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

An anonymous reader writes "Microsoft has broken its relationship with one of its Gold Partners, after it discovered that the partner was involved in a scam involving bogus tech support calls. India-based Comantra is said to have cold-called computer users in the UK, Australia, Canada and elsewhere, claiming to offer assistance in cleaning up virus infections. The calls used scare tactics to talk users into opening the Event Viewer on Windows, where a seemingly dangerous list of errors would be seen. This 'evidence' was used to trick innocent users into believing they had a malware infection, and for Comantra to gain the users' confidence. Duped users would then give permission for the support company to have remote access to their PC, and hand over their credit card details for a 'fix.' Security firm Sophos says that internet users have been complaining about Comantra's activities for over 18 months, and it has taken a long time for Microsoft to take action. Comantra's website still retains the Gold Certified Partner logo, although their details have been removed from Microsoft's database of approved partners."

Actually, you need to take your corporate IT hat off for a second. The people who fall for this scam are typically people who didn't grow up with computers. Your mum and dad (now maybe in their sixties), who only use a computer to type the odd letter, Skype the grandkids and maybe look for old friends on Facebook. They do not have access to tech support and mostly their computers have been bought in a standard configuration with just the few things they need installed.

Those people (I can't get myself to call them users) have been told by their kids, the banks and everyone else they trust to understand computers, that viruses are a real threat and that if you get a computer virus it is really bad and awful things can happen to you (identity theft, damaged computer, having your broadbad costs skyrocket from a spam-virus using up your allowance etc.).

I know some of these people are scared to even start a web browser for any site that they have not specifically been told they can trust.

So, when one of these scam (scum) artists calls up and tells them that they have a bad virus - their immediate reaction is fear and confusion. When the scammer then offers to "fix" the problem, they gladly agree to hand over a relatively modest amount (around $150 usually) and let the scammer go ahead. Sadly, once their credit card details have been handed over, it is normally not the end of it.

How do I know all this? Because it happened to the nice old man down the street. He was almost in tears when he told me how he'd gone ahead and let the scammer take almost half his weekly pension money. It also happened to a nice elderly couple that are friends of my parents and to the man who mowes my lawn to supplement his pension. Nice, normal and not even that gullible people - just people who are not geeks.

We (the geeks) actually have a responsibility to educate those poor people rather than calling them idiots. Nothing beats a scammer better than being forewarned.

All the more reason to move people like this to walled gardens. Let them roam free in the relative safety of iOS or (maybe, if they stick to the Market only) even Android...

Although some people are too stubborn. Just last month my girlfriend's dad asked me for help picking out a new PC... why not just an iPad? Because he does photo editing - as in rotating, resizing, and captions that look like they were done with the "WordArt" feature from Office 97. And since that's only possible on a high-horsepower, dua

Scam artists do the same thing in many specialized fields--stock-based Ponzi schemes, cherry picked or badly reported statistics (typically surveys, often with ignored error margins), crap new age philosophy promising wealth based on quantum physics, Nigerian prince bank transactions, etc. Sometimes they can be recognized from general principles, like when they come to you instead of you coming to them, or when the things they say are too good to be true. Other times it's really hard to sort out the truth f

But the problem here isn't computer savvyness. The problem here is people trusting a stranger on the phone coming up with some vague story about their computer. Anyone with half a brain would (should at least) be suspicious of that, computer knowledge or not.

We (the geeks) actually have a responsibility to educate those poor people rather than calling them idiots.

I choose to educate these people by calling them idiots.

The basic principles behind computing, or your car, or basically anything else in your life are not that complicated, and understanding them bears immediate dividends. Most people, however, willfully avoid learning anything about any of these things, to their detriment. However, what I find more ridiculous is that people are accepting calls out of the blue from J.Random Idiot and believing everything they're saying. It's almost like their parents faile

We (the geeks) actually have a responsibility to educate those poor people rather than calling them idiots. Nothing beats a scammer better than being forewarned.

I would totally agree with your post, but your last sentence there gave me pause. Who says "We the geeks" have that responsibility? Do homeowners, landlords and hotel chain managers have the responsibility to house all the homeless? Does McDonalds have the responsibility to feed the starving kids in [country]? No? Then why do geeks HAVE TO educate the literally millions of clueless computer users who bought their interwebs machine from WalMart along with their milk, bread, sweat shop jeans and cheap 20 piec

That's a bit harsh. They don't have our degree of expertise, but everyones knowledge is generally specialised. "The IT Guys" are just jaded, because they've chosen a profession where they have to deal with that lack of knowledge in their specific area, on a daily basis. It's why I got out of tech support after a couple of years - I didn't like dealing with that. Meanwhile, those "IT guys" have a very limited field of expertise, and are usually unskilled at just about everything NOT computer-related. This do

Sorry but in my experience this simply is not the case. The same family members and friends who can't take the time to learn to protect themselves when online are also too bloody unhandy to level a picture frame, or screw in a curtain rack. Meanwhile my father who is a carpenter by trade and if anything was a bit of a luddite has a pretty good general idea of what sorts of things to look for these days and now educates our family members as best he can. He taught me that there is no such thing as a free lun

Maybe their skills are better suited.. to a more intimate environment?;)

J/K.:) Don't get me wrong - I understand there are many.. many idiots around. I just don't find that everyone bamboozled by computers is necessarily an idiot, some being brilliant in their own fields, but still, after all these years, unable to format text.

Someone calls you up and says "your car was spotted on the highway driving in a certain fashion and we can tell that you need an alignment job, so report to 1234 your mom's street for service which will cost you a hundred dollars" what do you do? You assume they're a scammer and you hang up the phone. Someone calls you up and says "your computer was spotted on the internet leaking packets in a certain fashion so we can tell you're infected with a virus so give us twenty bucks and we'll give you this softwar

Bad analogy, as much as I like car analogies.:) First of all, if someone doesn't know how to drive, we tell them to get off the road because they pose a serious risk to the lives of others and themselves. If the same applied (in the same respect.. I'm sure someone can accidently strangle themselves with a mouse cable if they try really hard) to computers, we wouldn't let folks use those either, but there's no comparison.

For the first part of the analogy, the individual "spotting cars on the highway", while

if someone doesn't know how to drive, we tell them to get off the road because they pose a serious risk to the lives of others and themselves.

and if someone doesn't know how to compute, we tell them to get off the internet because they pose a serious risk to the data and "identity" of others and themselves.

For the first part of the analogy, the individual "spotting cars on the highway", while they may have specialist knowledge, they don't have inside knowledge. They haven't been poking around in your car and being able to gain insight that you can't verify. The computer equivalent to this would be "I saw your computer through your Window the other night and reckon you've got malware". Neither will happen.

Congratulations on knowing little about cars or computers. Advanced car scammers [mis]use semi-public records and contact you with some foreknowledge of what you drive. Advanced computer scammers use popups and tracking combined with the leakiness of your browser [zdnet.com] and contact you with some foreknowledge of who you are and what your computing env

I see you fail at reading comprehension and missed the first half of the sentence. I really don't know why I bother.

Congratulations on knowing little about cars or computers.

Incorrect, but nice try. What you quoted was about people, not either of those. Another reading comprehension fail, but that's okay. You're new at this.

Advanced computer scammers use popups and tracking combined with the leakiness of your browser

Except we're not talking about advanced computer scammers. We're talking about cold-calling Indians who ALSO use publically available information to garner phone numbers. And yes - I've had this company call a new phone number that even I didn'

The scammers making the calls aren't too bright either. I had one call once saying that they had logs saying I had a virus. I asked who they were. They said "This is Microsoft". They didn't answer my question of "Why does Microsoft have logs from my computer running Ubuntu?" and kept on trying to get me to open a web browser. I got bored after a while and hung up.

It's a reference to famous bug called the 'f00f' bug, if you've ever looked in/proc/cpuinfo on an x86 Linux system, you might have noticed it mentioned. Intel published a number of workarounds that OS vendors can use to prevent it, so most operating systems check on boot whether the system is affected, and then implement Intel's suggestions as necessary (if it says "f00f_bug: no" that means Linux determined that you were not affected, and the workarounds were not necessary).

Actually no its not, I am looking at a fresh install of Slackware 13.37 on VM right now. There is certainly some stuff there about my harddisk cache being assumed to be write through and the fact that my file systems were mounted; but nothing says "error", except

I've had countless calls from various companies based in India saying they're calling on behalf of Microsoft who have detected a virus on one of my computers and are offering to 'clean' it up. I don't even say anything now. The phone gets put straight down. It's been getting steadily worse these past few months.

You dont know how lucky you are! I would relish being phoned up by these people. The trolling potential is enormous. Set up a recording device, string them along, it is ever so funny picking them apart, dissecting their lies.

From the comment, it seems that these ladies really do not know they are part of a scam. They're probably just as knowledgeable about computers as the people they are scamming. Sounds sort of like that fake Apple store in China, whose employees thought they were working for Apple, but in fact were not. The lady above probably really thinks she's working for Windows Operating System too....

Yes, keeping them on the line is one tactic. When I saw this report, I called THEM, laughed and told them they're going to lose their jobs. It's the only way to combat all teleassholing: you have to stop people from working for the company at a low enough wage. I tell them to go get a real job, to stop being an embarrassment to their nation (I.e. feeding racist sentiments shown above), that their occupation has the highest turnover of any (true), etc.

Nope, you go the other way, see how much personal information you can find out about your caller. It can get fun, I even found out the colour of the guys underwear one time (had him check for me as he couldn't remember at the time).

They tried that with my mom, but apparently "mom logic" threw them so much they just sat there thinking about it for half a minute before saying a quick "thank you" and hanging up. When they said she had a bug mom told them "Oh I don't worry about such things, that is what having a geek son is for, along with paying for take out and driving me to the library". I guess that just didn't compute for them because she said they were just stunned for nearly a minute before giving up.

I doubt that they are wasting their time. I'm sure that their system switches to another victim when they are not talking to you. During my poor attempt at trolling one I would hear it cut out with a soft pop where it muted both ways leaving me hanging before the guy got back to me.

You are only wasting their time when directly engaging in conversation. Always ask for them to repeat that last thing because you are hard of hearing.

If you follow a link in the article to the original report, you'll find tons of comments about the domain names and the scam... and a few gems interspersed about the companies being so legit and helpful, in pretty broken english, by incredibly generic usernames. Those are some seriously hardcore scammers.

Thanks for that, man. It's really impressive and very funny. It makes the copmuter fast and yuo get free things to b e hppy:P:

"This is Rex and i would like to inform you that i m happy with the tech support service and the most important thing is that i will get unlimited services for the upcoming one year free of charge whenever i want in my computer and i m extremly happy.

I'm hoping this bad publicity puts Comantra out of business, but they'll most likely just disappear and pop up under a different name.My family members have had calls from a few of these companies and my 84 year old grandpa was recently scammed out of around &pound;85 and had his computer filled with their malware which really pissed me off, he'd just bought a license key for MS Office then a few days later got a call from "Microsoft Windows help desk" or similar saying they've detected a virus on his c

This isn't directed at you personally or your grampa... but I'm always wondering... "why Windows?" and then reading your post I realize "oh, Office..." but then I'm left thinking "why Office?"

It really is 2011, and we really do have 31 flavors of OS to suit every need, and even though I'd estimate at least 75%-85% of all computer users have only the "need" for something along the lines of a simplistic Chrome-like OS, we (as consumers and IT afficionados alike) still shoehorn in that Swiss army knife monstr

Okay, but extend that "need" into "want", and suddenly you'll find most PC gamers can't manage at all with a simplistic Chrome-like OS. If you exclude "business" users from your percentage, you'll find your target audience for a simple idiot-proof OS on home PCs dwindles significantly. Sure, they're still out there. And I wholly support giving grandma Ubuntu (or even something simplier), Firefox and Thunderbird, and letting her have at it! She doesn't need to do anything else, so anything else is just bloat. But it's not 75-80% of the home user market that applies to. I doubt it's even 50%. This is why Windows is still going strong (well, that, and the fact that it comes pre-installed on most PCs).

Most folks I know don't buy pre-made PCs, but get friends to price up and build them for them. They're "more power" machines, not "email and messenger" machines. Sure, there's still a market for K.I.S.S, but as each successive generation gets more tech-clued, folks want more options, not less. As the tablet-OS-on-desktops is beginning to take off, we may see this plateau and diverge into two markets - but I don't think you'll find the simple OS market anywhere near as high as 80% for home users - at least not for their primary PC. "Entertainment centers", sure.

So in the camp of folks who do want a more powerful, diverse OS, why WIndows instead of Linux? Linux isn't ready yet. It's at an ideal point as a Simple OS - see Grandma example above. But it's by no means ready as a replacement for Windows for the folks who want to use the additional functionality, but don't want to have to learn how to tinker with the OS. Thesedays, one should never have to see a command prompt to do ANYTHING, in normal usage. Retaining a command prompt for common usage is holding back the Linux desktop from widespread adoptance. There are too many common, complex functions in Linux, which are simple in Windows.

Agreed - there's far too much to Windows. But disagree that that fact has virtually any impact on the user. There's no aspect of the interface or interactions I have with the Windows OS that are any faster in Linux. When I finish this text and hit Preview, it won't happen faster in Linux. When I then close the browser and switch across to my Steam window, it wouldn't happen any faster in Linux. There's no distinguishable speed differential on modern-day 64-bit, 8-core PCs.

I believe you overestimate what most are doing with their desktop, even many of those in the office, but definately not gamers, and not developers. One must look at the application. I think you, sir. would be surprised looking at a list of all the applications you yourself used in, say, the last 2 weeks. and how much time spent with each. No doubt, even some power users might only have a list of a half dozen applications used. If the list is shorter, say 2 or 3 applications, then the user doesn't need a Win

Right - you're back to "all". Understand - I have no disagreement with you over office workers. I'm simply trying to point out you *shouldn't* refer to home users and office workers in the same breath as "computer users". The needs of the two are completely, entirely different. Office workers could generally be given a stripped down OS with 1 or 2 applications that they need and their work lives would be complete.

But that's no argument for home users (which OP was referring to) to be abandoning Windows. The

A console window is a command prompt. You need to use it to install a great deal of Linux software. Alternatively, I've never needed to use the command prompt in the past 2 years on any of my WIndows boxes. I'm not sure quite what you're trying to say. In normal usage, one never has to see a command prompt in Windows.

The key words here are normal usage.

Installing software is normal usage for a home user. This frequently requires a bash prompt in Linux. It doesn't under Windows.

"After spending two hours trying to solve a print problem, I remember co-mantra and with the repeat very patient and competent help, i can now relax. Many thanks co-mantra, I have a felling that it was a good day when i joined your organization."

Yeah, that's about the gist of all the comments on their website. They are all from English sounding names (James Wood) that use constructs nobody would use.

Most computer users aren't geeks, and they don't know how to tell if their computer's infected or not. What they do know, however, is that every single version of Microsoft Windows is full of security holes and that there are millions of viruses, trojans and other malware out there looking for computers to infect. If that weren't true, if Microsoft would clean up its act and put out an operating system that was designed from the bottom up to be secure this type of scam would be impossible.

This is similar to the car warranty call scams of a couple of years ago. "Hello, your car warranty is about to expire, blah blah blah."The scammers do not care that you are on whatever DNC registry exists in your country. They call anyway, using false phone numbers. And call multiple times a week.

I used to make a game of it, seeing how long I could keep them on the line. My best was 30 minutes, ending with "You do realize that the only reason I am talking to you is to keep you from bothering some other per

Nobody does that any more though. If a robot calls you then it just tells you to call an 800 number. A really fancy one might be able to tell the difference between a human and an answering machine, but probably not. Now they call multiple times in a row. I've been getting that "you might have a court issue" spam literally three times in a row in the evening. I actually checked (the old fashioned way) and I don't have a legal issue of any kind (I looked up my name anywhere I've ever had a problem, which has

If voice recognition was better you could let A.L.I.C.E. loose on them. Chumping them into believing the "home owner" has to talk through a voice assisted microphone or something might be necessary but it sure would be fun as hell if you were successful.

Holy Mackerel. My mother-in-law actually got one of these calls. She said someone with a nearly unintelligable accent had called saying he was from her ISP and he could see that her computer had a dangerous infection.

Now, mother-in-law is one of the most internet-savvy non-geeks I have ever met. Her first response was "how? the computer is turned off." He babbled something about how they could still tell and insisted she turn it on right now and follow his instructions very carefully. She said he was v

My Grandpa got duped by this group a little while ago. He was never very tech savvy and is now going senile. And his vision is going too. The description in the summary is just about spot-on. He found some local PC tech to check out his machine and found it clean. Amazingly it looked like the scammers were simply after the money. He managed to cancel the payment and eventually got new credit cards. IIRC, it took Mum and her siblings a while to convince him to do that though. He thought he was safe because t

If you look at the image of the Comantra web site in the PCPro article [pcpro.co.uk] you may notice that they copied the KMail icon for step 1 and step 2 shows a copied Macbook icon (for a Windows "support" site)

My elderly neighbour got scammed by this lot. They actually knew some information that could have only have come from a previous support call to her ISP -an ISP that has a call centre in the same Indian city. I've since learnt that a number of Indian call centre firms are selling data to scammers, and that the Indian authorities don't give a damn since it's bringing in foreign revenue.

Taking a stand like this should just be the tip of the iceberg, but unfortunately, this is only to bring up stock prices temporarily. MS has a long way to go before they do the right thing all around. Many companies associated to them have practices resembling this....

Same here. They called me and my in-laws, claiming to be from "Microsoft Computer Support". I told them it was a federal offence to falsify caller ID information (The call came from "1-000-000-0000"). They hung up fairly quickly.

CS: OK, please click on START on the bottom right...Me: I have nothing in the bottom right.CS: Errrrr, then right-click on the status bar at the bottom of your screen...Me: My status bar is at the top.CS: Oh, right-click on that, then.Me: What do you mean by right-click ?CS: Press the right mouse button.Me: I only have one mouse button.CS: Then click on the status-bar.Me: Sure, nothing happens.CS: What version of Windows are you running ??Me: Windows ????

They called me and got an earful of abuse, because it was saturday morning, when I like to be asleep.

Them: "Hello sir, I am from "Me: "Never heard of them"Them: "We have been doing a survey and noticed that there are a large number of virus infections in your area"Me: "So this is a scam then?"Them: "No sir this is not a scam"Me:"Fine, whatever, carry on"Them: "Sir this is not a scam. We noticed you have a windows computer in your house that connects to the internet"Me: "So you wake me up on a Saturday morni

Awhile back, I got one of these too. They told me that my "PC was serving malware and it was traced to my IP" or something like that. Since my public IP address is static, I asked them what IP address this supposed malware was coming from. They gave me a bullshit number and hung up.

Same here. The tosser said that my IP address was 192.168.1.100, which probably is true for the inside LAN of many of the victims they try to scam, but a bold faced direct lie anyhow, because you don't see the internal address through a NAT - that's the whole point.

Anyhow, I hope these guys will end up on FBIs list, and if they ever set foot on US soil, that they'll rot in jail. Those who got tricked? Don't give them a dime back; consider it a stupid tax.

Mum and I both got called as well, after I hung up on them I called mum immediately to tell her what to expect, she called back (I had to leave a message) and said they had already called, she could tell it was a scam. I taught her well.:D

In a first thought, as a potential beneficiary of USA software development outsourcing, I would protest about your statement.

But then I remembered when we, on a previous job of my on an embedded gadgets for automobiles industry, outsourced some device drivers to a certain country, well known (now) for some not so orthodox behavior on the Software Industry.

I suspect you got modded down by someone who profits from outsourcing on the buyer's side. The CIO who chooses outsourcing often gets some nifty perks and -- best of all -- a happy landing if he/she gets fired when the outsourcing strategy goes into epic fail mode. In the short run, it scores brownie points with CFO and CEO types while maintaining one's membership in the executive golf committee. When things go wrong, a smart executive knows how to get paid for failure. I know of several CIOs who bungled

They were not rude (normally), au contraire, but their verbal politeness did not, at least on English, cope with ours. We took some time to learn how to communicate each other with (what both sides agreed it was) courtesy.

I take a even worst time with Chinese teammates over MSN conferences (we could not manage to understand our English accents!:-D). Without visual assurance, we never know for sure when we're making a praise for a job we

I've had the same experience with Indian and Chinese coworkers. You did a good job describing it despite using a non-native language. I never thought to explicitly state my mindset in order to avoid misinterpreting each other, what a good idea! (this is a praise)

That's what I did for my dad (and upgraded him from XP to 7 at the same time) when he fell for the scam a while back. Luckily he wasn't out any money because the company's accounts got shut down before his payment was processed.

Even if it wasn't necessary it certainly drove home the "Never listen to cold callers" lesson when he had his work laptop offline for a couple of days.

Then again, it's possible that the minimum wage staff in their call centre honestly believe that the script they're following is legit.From the calls I've got myself and the ones reported by others, it really sounds like the callers truly believe what they're saying and don't know much better.

Another way to handle this is start throwing out phrases in other languages. Pissed off a girl years ago with these two phrases..."No Habla English" and "No Habla Espanol". She kept switching between each language...then it would be the other language. She hung up and called back a few minutes later...so she got it again in German and Russian. This time...she didn't call back since I wasted about 10 minutes of her time.

If you really wanted to play with callers from India...start doing the same thing in t

I've got to about an hour, before they told me 'I can go to hell'.....

I managed to keep them talking while I setup a new VM from scratch, and then let them butcher that one believeing it was a real PC. And, then resetting it back to its original state a few times, after supposed crashes!..... haha. They havent phoned me back!

I once had one that got me to go to logmein123.com and enter a six digit code. Do any of these work with Linux? I was thinking about popping in a live cd and letting them at it, but I didn't have one handy at the time, and I didn't trust them with my main Ubuntu install. I could only manage about 20 minutes of stringing out though ("my computer is really slow today!") before I got bored.

But if a stranger phones me up in the middle of the night claiming to be from "Ford Motor Company", telling me that they need me to send them the car keys, or leave the car unlocked so they can come and "fix" it, I will be inherently suspicious and won't part with anything for anything short of a court order.

They could claim to be "recalling" my car - that would be fine. I'd hang up, phone Ford's and check if that's true (as well as checking news stories). It's not difficult if t

Wasting 10 minutes of their time on the phone is a good start, but teledroids don't cost enough for the scammers to worry about.

Your throwaway VM idea is interesting. I wonder if you can get into any trouble by launching an attack against someone who is trying to scam you. Who are they going to call? These phony helpers might be more fun than a trip to Disney. My guess is their environment is not prepared for everything a bunch of angry Slashdotters might try. If they get clobbered, it will take a lot